At Moocow we’re all about knowing what’s best for your business, whether it’s the latest updates, design tips or marketing tactics. And when it comes to getting you your perfect website, we pride ourselves on making sites that are both manageable and secure.
Following the launch of the European Union’s General Data Protection Regulation laws (GDPR) which began May 25, everyone has gone a bit security mad, and businesses seem to be packing their site with security options that aren’t often necessary. This can in turn lead to problems with the speed of your site as well as making it easier for hackers to access your web page details. Our aim is to help you understand security options for your site clearly, allowing you to cut through the confusion and get to grips with the lingo, making it that little bit easier. Obvious options to take such as ensuring that your software is always up to date and backed up, are implemented by most. Below however, are a few simple steps you may not know about which may help pin down some good ways to make your site secure, without putting off customers to your site.
Restrict Your Plug-ins
We know it’s tempting, but try not to overload your site with various security plug-ins. Do your research, and pick two or three at most that do the job efficiently. Too many plug-ins will slow down your site and leave it vulnerable to hackers trying to access your private data. Researching what security plug-ins work the best and comply with GDPR regulations is the best way to establish this. It’s easy to be tricked by advertising telling you you need all sorts of different plug-ins, but ultimately many will end up doing the same thing, and it’s easy to find just a couple of plug-ins that will cover your site securely.
When accessing a site, most of us know how frustrating it is having to declare we’re not a Robot… However, using reCaptcha does comes with a lot of benefits. It’s extremely helpful in protecting you from up to 95% of spam and data hack attempts. One downside is, using reCaptcha can have the potential to slow down your site. It’s a bit of a double edged sword. There’s both pros and cons to using it, but overall we feel the benefits outweigh any of the speed issues that may or may not crop up.
Implement Two-Factor Authentication
This method of security has become much more popular recently, especially with larger businesses and sites that hold especially personal data. For those who aren’t sure what this means, it’s pretty much the same as having to show two forms of ID when confirming your identity. In this case it will usually take the form of a password, and a personalised security code sent by text message to your phone. You’ll then be asked to submit this code on the website. Two-Factor Authentication can help significantly reduce the likelihood of hackers being able to impersonate your identity and log in to any accounts or personalised info.
Add a Concealed WP Log In Page
Most hackers will try to get into your site through your WP log in page or dashboard.
WordPress websites primarily all have a universal login URL of /wp-admin/ making it extremely easy for hackers to go directly to your log in page and use brute force cracking to hack your page. This is a trial and error form of hacking used to decrypt passwords and other types of log in details. To prevent this from happening, you change your URL to something more personalised using plug-ins such ManageWP. It allows you to customise your log in URL to something harder to guess, an easy example being /my-concealed-login/ but you can change it to whatever works best for your business. It may seem like a bit of a hassle, but doing this has the potential to stop almost 100% of hackers accessing your page.